Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 596354 (CVE-2016-7798) - <dev-lang/ruby-2.4.0: IV Reuse in GCM Mode
Summary: <dev-lang/ruby-2.4.0: IV Reuse in GCM Mode
Status: RESOLVED FIXED
Alias: CVE-2016-7798
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: B3 [noglsa cve]
Keywords: PATCH
Depends on:
Blocks:
 
Reported: 2016-10-06 15:46 UTC by Agostino Sarubbo
Modified: 2019-10-26 21:22 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2016-10-06 15:46:13 UTC
From ${URL} :

An IV reuse bug was discovered in Ruby's OpenSSL library when using
aes-gcm. When encrypting data with aes-*-gcm, if the IV is set before
setting the key, the cipher will default to using a static IV. This creates
a static nonce and since aes-gcm is a stream cipher, this can lead to known
cryptographic issues.

References:

http://seclists.org/oss-sec/2016/q3/562

Upstream bug:

https://github.com/ruby/openssl/issues/49

Upstream patch:

https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2016-11-26 00:38:42 UTC
@maintainer(s), can you patch or is this already in a release?
Comment 2 Hans de Graaff gentoo-dev 2016-11-26 07:30:00 UTC
This is fixed in the ruby-openssl repository, but we use the bundled (or rather, embedded) version distributed with dev-lang/ruby itself and that has not been updated yet. Backporting doesn't look trivial because this patch builds upon additional changes made in ruby-openssl. It may be possible to unbundle this for ruby 2.3.
Comment 3 Yury German Gentoo Infrastructure gentoo-dev Security 2017-03-26 13:52:19 UTC
Hans, if you can please do not add version info, until you are ready to call for stabilization.
Comment 4 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2018-05-27 15:22:05 UTC
@Hans

Ruby target 22 was already dropped, were you able to unbundle this in 23? 

Thanks
Comment 5 Hans de Graaff gentoo-dev 2018-07-20 05:09:14 UTC
(In reply to Christopher Díaz Riveros from comment #4)

> Ruby target 22 was already dropped, were you able to unbundle this in 23? 

I haven't tried yet and I am also hesitant to do so since it may introduce hard-to-find compatability issues since ruby packages expect to find specific openssl versions bundled with different ruby versions.

I think it makes more sense now to focus on removal of ruby23 which can be started once ruby24 is stable.
Comment 6 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-09-07 17:51:57 UTC
(In reply to Hans de Graaff from comment #5)
> (In reply to Christopher Díaz Riveros from comment #4)
> 
> > Ruby target 22 was already dropped, were you able to unbundle this in 23? 
> 
> I haven't tried yet and I am also hesitant to do so since it may introduce
> hard-to-find compatability issues since ruby packages expect to find
> specific openssl versions bundled with different ruby versions.
> 
> I think it makes more sense now to focus on removal of ruby23 which can be
> started once ruby24 is stable.

Hans, thank for the info. ruby23 is gone now. Was this fixed in Ruby24?
Comment 7 Thomas Deutschmann gentoo-dev Security 2019-10-26 21:22:42 UTC
It's fixed in dev-lang/ruby since https://github.com/ruby/ruby/commit/aab0d67a1ff5190ff7a951e40cee742210302aed which is present since >=dev-lang/ruby-2.4.0!

GLSA Vote: No!

Repository is clean, all done!